This wiki service has now been shut down and archived

From ESIWiki

Trust and Security in Virtual Communities

Third Workshop: Trusted Services: Requirements and Prospects

8th & 9th July 2008

The Trust and Security in Virtual Communities Theme is seeking to advance the practice of eScience by considering how to improve the security guarantees which can be offered by grid and related infrastructures. In order to broaden the applicability of these ideas to new scientific communities, it is necessary to increase the trustworthiness of the underlying technologies.

The File:Theme8-workshop1-Final-report.pdf sought to determine the Application-Led Agenda for Security in eScience, and the second workshop followed this up by exploring the most urgent issues raised: Usability and Interoperability in Authentication and Authorization.

The aim of the Third Workshop was to move the agenda forward by considering application domains which have significant trust requirements, beyond those offered by current commodity (grid, cloud) computing models. For example:

• Processing of clinical data, or only lightly-pseudonymized patient data: current dataGrid capabilities (for compute or data) offer insufficient strength of protections, and in some case insufficiently fine-grained access controls.

• Processing of proprietary data (in Engineering, in Bioinformatics, etc.): similar

• Very long-term archiving; evidential standards; strong provenance guarantees.

• Trustworthy log data collection, reconciliation, and audit.

Presentations in these, and similar areas were solicited. The objective was to discover synergies between those with requirements in this area, and those with possible trusted computing solutions, and to give the application development work an opportunity to influence the development of the tools. In addition, we sought points of connection with existing standards, so that new architectures and components can avoid interoperability pitfalls and unnecessary re-work.

Speakers

Yonatan Zetuny, U. Westminster, Reputation-Policy Trust Model for Grid Resource Selection

Jun Ho Huh, U. Oxford, Trusted Logging for Grid Computing

John Zic, CSIRO Australia

Po-Wah Yau, RHUL, Applying Trusted Computing to a workflow system

Andy Cooper, U. Oxford,

Jens Jensen, STFC-RAL, Aspects of Application Security

James Cheney, U.Edinburgh and eSI Theme on Provenance, Provenance and Security

Adel Taweel, U. Birmingham, Experiences with developing ePCRN projects security for handling, dealing with and accessing medical data

Schedule

Each speaker was allocated an hour: the intention was to allow substantial discussion and questions, not necessarily to expect everyone to give an extended presentation.

8th July

10am onwards: arrival and coffee

11am Welcome, Theme and Workshop Introduction, Andrew Martin presentation

12noon Experiences with developing ePCRN projects security for handling, dealing with and accessing medical data, Adel Taweel

1pm Lunch

1.45pm Jens Jensen Aspects of Application Security presentation

2.45pm Coffee

3pm John Zic presentation

4pm Provenance and Security, James Cheney

5pm Depart/hotel check-in opportunity

7.30pm Dinner

9th July

9am Towards a Trusted Grid Architecutre, Andy Cooper presentation

10am Trusted Logging for Grid Computing, Jun Ho Huh presentation

11am Coffee

11.15am Applying Trusted Computing to a workflow system, Po-Wah Yau presentation

12.15pm Reputation-Policy Trust Model for Grid Resource Selection, Yonatan Zetuny presentation

1pm Lunch

1.30pm Discussion: Emerging Themes, Capabilities, Next Steps slides

3pm Depart

Notes

Notes on this workshop are also available.